{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T03:39:10.003","vulnerabilities":[{"cve":{"id":"CVE-2024-5400","sourceIdentifier":"twcert@cert.org.tw","published":"2024-05-27T06:15:10.620","lastModified":"2026-06-17T08:15:52.327","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."},{"lang":"es","value":"Openfind Mail2000 no filtra adecuadamente los parámetros de CGI específicos. Los atacantes remotos con privilegios regulares pueden aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios del sistema en el servidor remoto."}],"affected":[{"source":"twcert@cert.org.tw","affectedData":[{"vendor":"Openfind","product":"Mail2000 V8.0","defaultStatus":"unaffected","versions":[{"version":"earlier","lessThan":"Patch 34","versionType":"custom","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"openfind","product":"mail2000","defaultStatus":"unknown","cpes":["cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*"],"versions":[{"version":"8.0","lessThan":"8.0_patch_34","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-28T11:31:13.350634Z","id":"CVE-2024-5400","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openfind:mail2000:6.0:*:*:*:*:*:*:*","matchCriteriaId":"97249A05-B6F2-4D10-902D-4D1A373F3F90"},{"vulnerable":true,"criteria":"cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*","matchCriteriaId":"1762976A-2372-49D5-BD94-77F8C0C86DC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*","matchCriteriaId":"DC17A2D8-B006-4738-A6CB-F6B277460B6B"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7819-9661a-1.html","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-7819-9661a-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}